Re: [strongSwan] VPN client (l2tp) is failed to reconnect

Hi, Any help on this please ?? -Jayapal On Tue, Oct 27, 2015 at 12:27 PM, Jayapal Reddy wrote: > Hi, > > I am using the strongswan ipsec. I have the remote access vpn setup and > windows7 client behind NAT got connected successfully. > The problem comes on restart of

Re: [strongSwan] charon says "DH group MODP_1024 inacceptable, requesting MODP_1536"

I found out that this combination works with of the devices out there: ike = 3des-sha1-modp1024 esp = aes256-sha1,aes192-sha1,aes128-sha1 windows 7 to 10, os x 10.11, ios 8 and 9, android... On Wed, Oct 28, 2015 at 2:50 AM, Rayson Zhu wrote: > I met this issue too. I

Re: [strongSwan] charon says "DH group MODP_1024 inacceptable, requesting MODP_1536"

--On Wednesday, October 28, 2015 05:18:28 PM +0800 Rayson Zhu wrote: yes, but only if you don't use high encryption. so sad. On Wed, Oct 28, 2015 at 4:56 PM, Roger Skjetlein wrote: I found out that this combination works with of the devices

Re: [strongSwan] charon says "DH group MODP_1024 inacceptable, requesting MODP_1536"

yes, but only if you don't use high encryption. so sad. On Wed, Oct 28, 2015 at 4:56 PM, Roger Skjetlein wrote: > I found out that this combination works with of the devices out there: > ike = 3des-sha1-modp1024 > esp = aes256-sha1,aes192-sha1,aes128-sha1 > >

[strongSwan] show issuer for "no trusted RSA public key found for 'peer.example.com'" in the log file?

Hi folks, AFAIK a log file message like no trusted RSA public key found for 'peer.example.com' means that the issuer for peer's certificate is not trusted. Wouldn't it be helpful if the issuer of the "bad" certificate is shown in the log file as well? Just a suggestion, of course.